Memory consolidation in developmental disorders

The relationship between memory and adaptive functioning was studied in sample of 268 children with attention deficit/hyperactivity disorder (ADHD, n = 83), autism spectrum disorder (ASD, n = 62), velo-cardio-facial syndrome (VCFS, n = 21), and low birth weight (LBW, n = 38) and neurotypicals (n = 64). Children with ASD and VCFS demonstrated a relative weakness in facial and visual memory, while no between-group differences were found during the auditory verbal learning task of the TOMAL. Learning curve analyses showed that after the first trial of the visual span test, all groups performed at the same level, but the performance of the clinical samples dropped after each subsequent trials. However, during the delayed recall, no between-group differences were evident. On the word memory test, the groups were significantly different after the first trial, but during delayed recall their performance converged. When memory functioning was used to predict academic achievement, TOMAL scores explained 37% of the variance in math scores, 22% in reading, and 13% in spelling scores. The same models did not predict social skills as measured by the CBCL. When age, gender, and FSIQ were added to memory scores to the regression model, the adjusted R2 value doubled for achievement scores, with IQ clearly driving the age effect. However, IQ was not a significant predictor of social skills. With that criterion, age became the only significant predictor, explaining 39% of the variance. The clinical implications of the findings on diagnostic (nonverbal memory and math seem to be a relative weakness in neurodevelopmental disorders; repeated learning trials may be needed to allow diagnosis-specific deficits to emerge; cognitive variables predict academic, but not social functioning; consolidation could be treated as a separate, emergent variable and normed separately to enhance its diagnostic utility) and treatment (visual cuing may be less effective in ASD and especially VCFS than a verbally mediated one) considerations are discussed

Conditional error variance in the WISC-IV

Measurement error at different ability levels in the WISC-IV was studied to empirically test the conditional error variance hypothesis. Graduate students in clinical psychology at a Midwestern university scored fictitious WISC-IV Vocabulary subtests constructed to yield actual scaled scores of 4, 10, and 16. Classical measurement theory assumes error rate will be constant across the three conditions. Modern test theories (Item Response Theory), however, predict that the precision of a measurement instrument will change as a function of the examinee\u27s ability level. Data supported the conditional error variance hypothesis. Scorers made significantly more errors in the low- and high-abilitylevel conditions than they did in the average ability condition. Implications of these findings for intelligence testing are discussed

LIST: Lightweight Solutions for Securing IoT Devices against Mirai Malware Attack

Recently, the number of Internet of Things (IoT) devices has increased significantly, as they have become affordable to most people. This spread has highlighted a critical security threat, namely the increasing number of Distributed Denial of Service (DDoS) attacks. As these resource-constrained IoT devices are built to be cost-efficient, their security measures are limited. Moreover, most users are not aware of the security measures that they must apply. Nowadays, almost every IoT device (e.g., fridge, air conditioner, thermostat, toaster) is able to connect to the internet, and this allows the user to access and control it with its own smartphone application. The lack of security measures in these devices was highlighted in September 2016, when a large-scale DDoS attack was launched using a botnet of compromised IoT devices. This type of attack has been since used in different forms and has been classified as Mirai DDoS Botnet Attack. This paper presents a detailed analysis of the Mirai attack and of the source code of the Mirai malware, reports on the implementation of the attack in a controlled environment, and proposes possible solutions that could help in mitigating the attack.publishedVersio

LLMs in Web Development: Evaluating LLM-Generated PHP Code Unveiling Vulnerabilities and Limitations

This study evaluates the security of web application code generated by Large Language Models, analyzing 2,500 GPT-4 generated PHP websites. These were deployed in Docker containers and tested for vulnerabilities using a hybrid approach of Burp Suite active scanning, static analysis, and manual review. Our investigation focuses on identifying Insecure File Upload, SQL Injection, Stored XSS, and Reflected XSS in GPT-4 generated PHP code. This analysis highlights potential security risks and the implications of deploying such code in real-world scenarios. Overall, our analysis found 2,440 vulnerable parameters. According to Burp's Scan, 11.56% of the sites can be straight out compromised. Adding static scan results, 26% had at least one vulnerability that can be exploited through web interaction. Certain coding scenarios, like file upload functionality, are insecure 78% of the time, underscoring significant risks to software safety and security. To support further research, we have made the source codes and a detailed vulnerability record for each sample publicly available. This study emphasizes the crucial need for thorough testing and evaluation if generative AI technologies are used in software development

Multidomain Cyber-Physical Testbed for Power System Vulnerability Assessment

The rapid digitalization of power systems involves enhanced interconnectivity, intelligence, and cost-efficiency across all components. In the era of Industry 5.0, the criticality of energy supply makes power systems prime targets for attacks, highlighting the need for the creation and evaluation of solutions against cyber-physical threats. Testbeds have emerged as essential tools for these purposes by representing real-world power systems in controlled environments and simulating cyber-physical attack-defense experiments. This paper introduces a Cyber-Physical Security (CPS) testbed rooted in the Smart Grid Architecture Model (SGAM) and developed adversary setup within the National Smart Grid Laboratory at the Norwegian University of Science and Technology. By adhering to the SGAM framework, this study delves into the classification and assessment of threats within the structure of the CPS testbed, examining vulnerabilities at distinct structural levels. Significantly, the strategic placement of the adversary setup within these levels enables a comprehensive evaluation of cyber-physical vulnerabilities in simulated systems, thereby facilitating the assessment of protective measures. Furthermore, this research presents case studies using three data sources as an aggregated dynamic power system model simulated in the real-time digital simulator OPAL-RT, real power grid, and playback of previously recorded data frames using virtual phasor measurement units functionality. The focus of this work is on the analysis of the five most common cyberattacks on power systems, such as passive and active reconnaissance, interruption in communication, TCP packet injection, and men-in-the-middle attacks utilizing the C37.118.2-2011 protocol. The results of the case studies illustrate the framework for the adversary setup and provide proof-of-concept attack scenarios for evaluation purposes. As part of future work, we intend to expand upon this research with a defender setup and implement more sophisticated, stealthy attackspublishedVersio

The inventory of problems-29 is a cross‑culturally valid symptom validity test: Initial validation in a Turkish community sample

Because the actuarial evidence base for symptom validity tests (SVTs) is developed in a specific population, it is unclear whether their clinical utility is transferable to a population with different demographic characteristics. To address this, we report here the validation study of a recently developed free-standing SVT, the Inventory of Problems-29 (IOP-29), in a Turkish community sample. We employed a mixed design with a simulation paradigm: The Turkish IOP–29 was presented to the same participants (N = 125; 53.6% female; age range: 19–53) three times in an online format, with instructions to respond honestly (HON), randomly (RND), and attempt to feign a psychiatric disorder (SIM) based on different vignettes. In the SIM condition, participants were presented with one of three scripts instructing them to feign either schizophrenia (SIM-SCZ), depression (SIM-DEP), or posttraumatic stress disorder (SIM-PTSD). As predicted, the Turkish IOP–29 is effective in discriminating between credible and noncredible presentations and equally sensitive to feigning of different psychiatric disorders: The standard cutoff (FDS ≥ .50) is uniformly sensitive (90.2% to 92.9%) and yields a specificity of 88%. Random responding produces FDS scores more similar to those of noncredible presentations, and the random responding score (RRS) has incremental validity in distinguishing random responding from feigned and honest responding. Our findings reveal that the classification accuracy of the IOP–29 is stable across administration languages, feigned clinical constructs, and geographic regions. Validation of the Turkish IOP–29 will be a valuable addition to the limited availability of SVTs in Turkish. We discuss limitations and future directions

Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab

Industrial Control Systems (ICS) are increasingly integrated with Information Technology (IT) systems, blending Operational Technology (OT) and IT components. This evolution introduces new cyber-attack risks, necessitating specialized security measures like Intrusion Detection Systems (IDS). This paper presents our work on both developing an experimental protocol and conducting tests of various IDS types in a digital substation hardware in the loop (HIL) testbed, offering insights into their performance in realistic scenarios. Our findings reveal significant variations in IDS effectiveness against industrial-specific cyber-attacks, with IT-specific IDSs struggling to detect certain attacks and changing testlab conditions affecting the assessment of ICS-specific IDSs. The challenges faced in creating valid and reliable evaluation metrics underscore the complexities of replicating operational ICS conditions. This research enhances our understanding of IDS effectiveness in ICS settings and underscores the importance of further experimental research in HIL testlab environments.publishedVersio